Amazon has announced that it has developed and is offering a “CMMC Quickstart Package” to help contractors comply with the Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) required for contractors to enter into contracts with DOD.

According to an Amazon spokesman, Amazon Web Services (AWS) will be releasing a responsibility guide that “lists the CMMC requirements and, based on our shared responsibility model, outlines practices and processes that are either the customer’s responsibility, an AWS responsibility, or a shared responsibility.” In addition, AWS will issue a “CMMC compliance document template” that companies can use to assist them in seeking certification.

AWS’s stated goal “is to help companies reduce the level of effort and cost for CMMC compliance by leveraging their existing investment in other compliance program authorizations.”

Despite some confusion over the timing and details around DOD’s CMMC program, all indications are that DOD is moving forward with the program, and defense contractors are gearing up to be ready for it.

Photo of Linn Foster Freedman Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her…

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.